And there are serious issues with the hardware / firmware including them going out of the way to sabotage security. They are against being able to ship firmware updates in the first place, unless the firmware has no signature verification, otherwise they see it as mandatory to
Conversation
at least block updating it from the OS and it's probably really required to block updating it at all to fit the requirements they have chosen. Couple that with deliberately not setting up the SoC / CPU in a secure way including on their laptops and other issues like badly chosen
1
components based on criteria for choosing it not aligned with privacy/security. I really think you're better off with the Pinephone which while using lower end, more outdated hardware has compatible goals (just different ones) and doesn't have active sabotage in these areas.
1
1
I don't really see how something designed to be locked down in a way that even a Pixel is not (i.e. going out of the way to sabotage firmware updates to remove that option from users and operating systems) is more flexible, or what advantage there is to sketchy component choices.
2
Can you elaborate on sabotaging firmware updates? This point has remained unclear.
2
"The SPI flash will be read only so the firmware blobs [run on the secondary processor] can’t be modified without the user knowing."
This all stems from seeking RYF certification and making use of the secondary processor exception.
1
This is just one example. There are other ways it is approached. It is also part of how they make their laptops. So, if the firmware has signature verification, they'll block updating it somehow. If it doesn't, it'll still end up being blocked since components lack open firmware.
1
If there is a security feature that they see as reducing 'freedom' (with a very odd way of defining freedom) it will be deliberately left either not set up or permanently disabled via fuses. They see it as failure if there is any signed or closed firmware that can be updated.
1
1
And the 'solution' which is applied is preventing it from being updated. This is the MAIN CRITERIA for their choice of components: whether they can block firmware from being updated. So for example, if there are separate data lines for firmware updates, that's perfect to them.
1
Doesn't matter if it's horribly outdated and/or insecure. The decision making is based on whether they can technically have an OS without proprietary components and no way of updating proprietary components from the OS. That is the goal - and not just a transitional one, really.
They'll pay lip service to actually open hardware and firmware but it's not really part of what they want to achieve. End goal is RYF certification and they want to obtain that through making the firmware count as 'hardware' by preventing updates to it to make it out of scope.
2
2
There is nothing more open about the components, and it leads to choice of components that is actually quite problematic for privacy and security reasons. Blocking firmware upgrades is very problematic separately from that. It may be possible to bypass in some cases with physical
1
1
Show replies